A computer network consists of a plurality of nodes which are coupled together in some fashion, for example, in a ring, daisy-chained, or clustered network. Such computer networks may involve a small number of users located geographically close to each other or thousands of users located on different continents. A node is any device attached to a network which acts as an originator or recipient of data. Examples of such devices which could be nodes are computers, computer terminals and storage devices.
The ultimate goal of computer networks is to accurately transfer information between the nodes comprising the network. Some network applications require the maintenance of security measures to insure either, or both, the confidentiality or integrity of the information transferred between nodes. Typically, such confidentiality is implemented by cryptographically protecting data transferred between nodes using devices implementing a cryptographic algorithm in conjunction with a cryptographic key. As used in this specification, cryptographic processing includes encryption, decryption, and/or checking the integrity of a data packet. The cryptographic key is a parameter which controls both encryption and decryption operations.
Encryption can be used to provide either, or both, confidentiality or integrity for a data transfer operation. Integrity as used in this specification means insuring that the data received at one node is an accurate representation of the data transmitted from another node. The process of encryption for confidentiality is accomplished by an algorithm with a given key which will scramble data such that only a user who has that same key will be able to descramble the data. In order to ensure the integrity of the data, a similar algorithm is used which uses the data to obtain an integrity check vector which is transmitted along with the original, non-encrypted data and used to verify the data.
A node is coupled to a computer network by an adaptor which is an input/output device which receives data from or transmits data across the network under its own power without the need for intervention by a central processing unit ("CPU"). The adaptor may also perform the cryptographic operations. The adaptor can be a microprocessor-based or a hard-wired logic system. The adaptor monitors the network so that it can properly send or receive data. After receiving or sending data, the adaptor will interrupt the CPU to inform it that such transfer has occurred.
A node may be simultaneously maintaining multiple connections to many remote nodes. Such nodes communicate by exchanging data packets which typically consist of header information and data. Thus, in a network system for example where encryption is occurring, these data packets contain encrypted data and will arrive at the node from other various nodes in an interleaved manner and in an unpredictable order. The header information sets forth which node is the receiving node of the data packet, but each remote node and possibly each connection will have its data encrypted with a different key. Each data packet contains sufficient information for the receiving node to ascertain which key to use to decrypt and/or check the integrity of a data packet. This information may either be implicit, i.e., based upon the source address information, or explicit, i.e., based upon a key identifier placed in the packet. In the prior art, the header is not encrypted so that the data packet can be relayed by intermediaries along the network that do not have the key. Also, the key is not placed in the data packet header since this would allow any user of the network to intercept the data packet and, using the key, decrypt the data. For security purposes, the key must be known only to the nodes communicating with each other.
As a result of these requirements, there is a unique shared key for each communicating pair of nodes in the network and possibly for each connection existing between the communicating pair. In the case where the node's adapter performs the cryptographic functions, each node's adaptor must store all the keys it is currently using in a key table maintained in the node's adaptor memory. When an adaptor receives a data packet it can decrypt and/or check the integrity of the packet using the appropriate key for the transmitting node. The required size of the key table memory is proportional to the maximum number of different keys that will be simultaneously active. Thus, for large networks each node's adaptor potentially would have to maintain a very large key table in its memory. This results in a large amount of board space on the adaptor being dedicated to key table memory. To overcome this problem, some known techniques for reducing the size of the key table include encrypting multiple connections under a single key (especially when there are several connections to a single end node), limiting the maximum number of "active" connections, and treating the key table as a key cache and resorting to a less efficient means for cryptographic processing of packets whose keys are not in the cache.
Also, the receiving node in performing the look up operation in its key table does this to find the sending node's key so that it can use that key to decrypt or check the integrity of the data. This look up operation must be performed very quickly so that the cryptographic processing can be done as the data packet arrives. A common method used to facilitate the look up operation is to have the two nodes exchange an index in the data packet. This index serves as an index into the receiving node's look up table. The index enables the receiving node to locate the sending node's key, thus, enabling the receiving node to decrypt and/or check the received data.
While the prior art provides an adequate method of ascertaining the key of a sending node in order to decrypt a data packet, there is a need for advancement. In particular, there is a need to minimize the amount of required key storage memory in a node while maintaining the security of communications between nodes in a computer network.